Podcast: With Ransomware, Never Pay The Ransom!

To pay the ransom, or not to pay the ransom, that is the question. Thomas Fischer of Digital Guardian makes the argument for saying “no” to ransomware crews.

In-brief: To pay the ransom, or not to pay the ransom, that is the question. In this Security Ledger podcast, we talk to Thomas Fischer, a Global Privacy Advocate at Digital Guardian about why ransomware is such a big problem for businesses these days, and why he thinks paying to get access to your encrypted data is a terrible idea.

The message wasn’t that the “bad guys are winning” or that paying the ransom was the first step in responding to an infection. Bonavolonta was simply admitting that the encryption used by ransomware was unbreakable, as a practical matter, and that malware authors were wrapping pretty tight code around that encryption. Companies that didn’t have a reliable backup of data to fall back on had (and have) few options.

That story generated a wave of controversy, with many taking the position that individuals and organizations should (almost) never pay the ransom, thereby encouraging the continuation of ransomware schemes.

A bigger question may be why and how ransomware has become such a pressing issue facing businesses. Just this week, there is news of yet another hospital infected with the malware – this one in Ottawa, Canada. To get answers to those questions, we sat down with Thomas Fischer, a Global Security Advocate at Digital Guardian.*

Fischer is an expert on malware, and one of the hosts of the B-Sides London Conference. He’s also no fan of paying off ransomware crews, as he explains to us in this conversation.

Author: Paul. I'm an experienced writer, reporter and industry analyst with a decade of experience covering IT security, cyber security and hacking, and a fascination with the fast-emerging "Internet of Things."


I didn’t listen to the soundpod, but his stance smells of government bureaucracy. “Never pay a terrorist their ransom demands, for they will simply ask for it, again and again”. Blah, blah, blah.

Until that bureaucrat’s kid is kidnapped and they move heaven and hell to get their daughter back.

Same for ransomware. Were he to get infected and lose everything, then I’m sure he would be singing a different tune.

Here’s how I look at it. That ransom is the cheapest security audit payment I have ever had to make. It brought to light something that I may never have discovered until it was too late. Too late, as in wiping out a major client’s data and forcing us to pay a ransom 10 or 100 times as big. Causing us to shut our doors.

What is the benefit of this ransomware? It is causing IT service providers like ourselves to ensure we are doing everything humanly possible to secure our clients from something DRASTICALLY worse than this. Like a virus that encrypts and then doesn’t give us back the decryption key. It is the cruelest of wakeup calls, one that we didn’t ask for, but are sure glad that it happened, as opposed to the alternative – the shutting down of our business.

The fact is, you have to adapt and move on. The IT service providers (and individuals) that do not adapt will pay the ransom a dozen times until they finally shut their doors (or, in the case of individuals, throw their computers out the window and start fresh), because they failed to learn their lesson after the first infection.